dohertj2/scadaproj
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(audit): fix canonical record field count (10 not 8) + drop BCL-only overstatement (review fixes)

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-01 07:16:18 -04:00
parent 69c1be943e
commit 6588e15f57
3 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/audit/spec/SPEC.md
+5 -4
View File
@@ -22,8 +22,9 @@ code-verified current-state docs (`../current-state/`) and the locked design
- **Transport & storage** — OtOpcUa's Akka cluster-broadcast → singleton `AuditWriterActor` (batch
500 / 5 s, two-layer dedup) over `ConfigAuditLog`; MxGateway's SQLite `IApiKeyAuditStore` append +
list-recent; ScadaBridge's site-SQLite hot-path → central MS SQL ingest / reconcile / purge /
partition-maintenance / hash-chain pipeline. The shared core is **BCL-only** and carries no Akka /
EF / SQLite / Serilog dependency.
partition-maintenance / hash-chain pipeline. The shared core carries no Akka / EF / SQLite /
Serilog dependency; its only non-BCL dependency is `Microsoft.Extensions.DependencyInjection.Abstractions`
(for `AddZbAudit`).
- **Domain vocabulary** — ScadaBridge's `Channel` / `Kind` / `Status` / `ForwardState` enums and
OtOpcUa's `EventType` strings (`DraftCreated`, `Published`, `OpcUaAccessDenied`, …). These map
*into* `Action` / `Category` / `Outcome` / `DetailsJson`; they do not leak into the shared type.
@@ -125,12 +126,12 @@ name (identical `AuditEvent Apply(AuditEvent)` signature, pure / never-throws /
library essentially **lifts ScadaBridge's seams**.
The one real (non-naming) decision is the **writer's record type**: the canonical `IAuditWriter` is
typed on the 8-field `AuditEvent`; ScadaBridge's writer is typed on its ~25-field record.
typed on the 10-field `AuditEvent`; ScadaBridge's writer is typed on its ~25-field record.
> **Resolution (recommended):** share the **interface *name* + the `AuditOutcome` enum**, not the
> record schema. ScadaBridge keeps its rich ~25-field record as its **storage shape** (its whole
> transport / partition / forwarding / reconciliation layer is built on the extra columns), and maps
> to the canonical 8-field record **only at cross-app reporting boundaries**. This is the
> to the canonical 10-field record **only at cross-app reporting boundaries**. This is the
> minimal-coupling option — share the contract, not the schema — and avoids making the shared seam
> generic over the event type. ScadaBridge therefore converges by **renaming one interface** and
> adopting `AuditOutcome`, with no transport / storage / CLI / UI change.